A growing collection of small, working applications that make cryptography tangible — from Caesar ciphers to lattice-based key encapsulation. Source on GitHub. Guides on this site. No accounts. No paywalls.
This site is a teaching workbench. Each app is small enough to read in an afternoon and substantial enough to demonstrate something real — a Vigenère cipher, an authenticated stream, a Diffie-Hellman handshake, a hybrid post-quantum key exchange.
The code lives on GitHub under permissive licenses. The guides on this site walk through the math, the protocol, and the security story. Run the apps, break them, fork them, ship them.
Built and maintained by a working cryptographer who'd rather you learned the primitives than memorized the marketing. Everything here is free. There is nothing to sign up for.
End-to-end encrypted file sharing where every send picks its own cipher suite. Eight keypairs per account; five posture presets — classical ECDH all the way through hybrid PQ to CNSA 2.0 (ML-KEM-1024 + ML-DSA-87). The picker enforces the locks, the recipient verifies under whatever you chose, and the bytes on the wire prove it. Real working app.
Walk through the substitution ciphers that taught the world to think about keys, then watch a frequency-analysis attacker strip them down to plaintext using nothing but the statistics of English.
Step through every round of AES-128 — SubBytes, ShiftRows, MixColumns, AddRoundKey — with the state matrix updating live and plain-language notes that explain why each step is there.
Generate keys, sign messages, exchange secrets. Watch RSA's modular exponentiation and ECDH's curve point multiplication unfold step by step on parameters small enough to follow on paper.
The new NIST standards. Build intuition for lattices in 2D, encrypt a bit Regev-style, then bridge to the FIPS 203 / FIPS 204 specs through an interactive Schnorr signature.
The transitional handshake the internet is converging on. Walk through the six-message exchange, see what's on the wire, and watch HKDF-SHA-256 combine the two shared secrets into a single AES key.
Watch real SHA-256 chew through a message round by round, see the SHA-3 sponge in diagram form, build HMAC by hand, and find a real collision in a truncated hash through the birthday paradox.
Each one is self-contained. Start with the classical ciphers if cryptography is new to you; jump to ML-KEM if it isn't. The order roughly tracks the history of the field.
Every app has a written guide on this site that explains the primitive, walks through the code, and points out the failure modes. Roughly twenty minutes each.
Source is on GitHub. Clone it, run it locally, change a parameter, watch it fail. The point isn't that the code works — it's that you understand why it works.